Archives for July 2017

Posted: 2 years ago by @pentestit | 4248 views | Updated: July 26, 2017 at 10:29 am

This is a short post about nps_payload, an open source Python script that helps you create basic payloads that avoid or bypass intrusion detection systems. It is a mix of @ben0xa's Not PowerShell (nps) framework and some features of @HackingDave's unicorn tool. As you know, Unicorn is a simple tool for using a PowerShell downgrade attack to inject shellcode
Read more about nps_payload: Basic Intrusion Detection Avoidance Payload Generator!

Posted: 2 years ago by @pentestit | 2751 views | Updated: August 29, 2017 at 12:43 am

My first post about this open source OWASP project was about an older version. This post discusses the changes made to the open source software composition analysis utility in the latest release, published yesterday: OWASP Dependency-Check 2.1.0! What I like about this release is that the patch-level verification for Ruby Bundler has been proven conclusive and is now fully
Read more about UPDATE: OWASP Dependency-Check 2.1.0!

Posted: 2 years ago by @pentestit | 3211 views | Updated: November 3, 2017 at 12:27 am

My first post regarding this malicious Microsoft Office document generator was about an older version. However, a few hours ago an update was released: Luckystrike 2.0! Major highlights of this awesome release include full support for Microsoft Word, in addition to a new COM scriptlet payload and Excel DDE infection support. Along with this, support for Invoke-Obfuscation is
Read more about UPDATE: Luckystrike 2.0!

Posted: 2 years ago by @pentestit | 2696 views | Updated: July 22, 2017 at 5:05 am

It's that exciting time of the year, folks, when people from all walks of security life throng to the casinos in the desert. Yes! I am talking about Black Hat, BSidesLV and DefCon. Bringing to you a part of a utility that will be completely released at BSidesLV: SmoothCriminal, which demonstrates an anti-VM and anti-sandbox technique that is used by some malware today.
Read more about SmoothCriminal: Sandbox Detection Via Cursor Speeds!

Featured Post

Three days ago, an updated version, Sysdig Falco v0.15.0, was released. It has been some time since I last blogged about this open source behavioral activity monitor with container support. This release incorporates a lot of rule updates, which are now also tagged for the MITRE ATT&CK Framework, and patches CVE-2019-8339, a medium severity vulnerability.
Read more about UPDATE: Sysdig Falco v0.15.0